Detections
Analytics
SUSE SLES12 Security Update : wireshark (SUSE-SU-2018:2891-2)
high Nessus Plugin ID 118294
Language:
Synopsis
The remote SUSE host is missing one or more security updates.Description
This update for wireshark to version 2.4.9 fixes the following issues :Wireshark was updated to 2.4.9 (bsc#1094301, bsc#1106514).
Security issues fixed :
CVE-2018-16058: Bluetooth AVDTP dissector crash (wnpa-sec-2018-44)
CVE-2018-16056: Bluetooth Attribute Protocol dissector crash (wnpa-sec-2018-45)
CVE-2018-16057: Radiotap dissector crash (wnpa-sec-2018-46)
CVE-2018-11355: Fix RTCP dissector crash (bsc#1094301).
CVE-2018-14370: IEEE 802.11 dissector crash (wnpa-sec-2018-43, bsc#1101802)
CVE-2018-14368: Bazaar dissector infinite loop (wnpa-sec-2018-40, bsc#1101794)
CVE-2018-11362: Fix LDSS dissector crash (bsc#1094301).
CVE-2018-11361: Fix IEEE 802.11 dissector crash (bsc#1094301).
CVE-2018-11360: Fix GSM A DTAP dissector crash (bsc#1094301).
CVE-2018-14342: BGP dissector large loop (wnpa-sec-2018-34, bsc#1101777)
CVE-2018-14343: ASN.1 BER dissector crash (wnpa-sec-2018-37, bsc#1101786)
CVE-2018-14340: Multiple dissectors could crash (wnpa-sec-2018-36, bsc#1101804)
CVE-2018-14341: DICOM dissector crash (wnpa-sec-2018-39, bsc#1101776)
CVE-2018-11358: Fix Q.931 dissector crash (bsc#1094301).
CVE-2018-14344: ISMP dissector crash (wnpa-sec-2018-35, bsc#1101788)
CVE-2018-11359: Fix multiple dissectors crashs (bsc#1094301).
CVE-2018-11356: Fix DNS dissector crash (bsc#1094301).
CVE-2018-14339: MMSE dissector infinite loop (wnpa-sec-2018-38, bsc#1101810)
CVE-2018-11357: Fix multiple dissectors that could consume excessive memory (bsc#1094301).
CVE-2018-14367: CoAP dissector crash (wnpa-sec-2018-42, bsc#1101791)
CVE-2018-11354: Fix IEEE 1905.1a dissector crash (bsc#1094301).
CVE-2018-14369: HTTP2 dissector crash (wnpa-sec-2018-41, bsc#1101800)
Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-2.4.9.html
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2018-2051=1
See Also
https://bugzilla.suse.com/show_bug.cgi?id=1094301
https://bugzilla.suse.com/show_bug.cgi?id=1101776
https://bugzilla.suse.com/show_bug.cgi?id=1101777
https://bugzilla.suse.com/show_bug.cgi?id=1101786
https://bugzilla.suse.com/show_bug.cgi?id=1101788
https://bugzilla.suse.com/show_bug.cgi?id=1101791
https://bugzilla.suse.com/show_bug.cgi?id=1101794
https://bugzilla.suse.com/show_bug.cgi?id=1101800
https://bugzilla.suse.com/show_bug.cgi?id=1101802
https://bugzilla.suse.com/show_bug.cgi?id=1101804
https://bugzilla.suse.com/show_bug.cgi?id=1101810
https://bugzilla.suse.com/show_bug.cgi?id=1106514
https://www.suse.com/security/cve/CVE-2018-11354/
https://www.suse.com/security/cve/CVE-2018-11355/
https://www.suse.com/security/cve/CVE-2018-11356/
https://www.suse.com/security/cve/CVE-2018-11357/
https://www.suse.com/security/cve/CVE-2018-11358/
https://www.suse.com/security/cve/CVE-2018-11359/
https://www.suse.com/security/cve/CVE-2018-11360/
https://www.suse.com/security/cve/CVE-2018-11361/
https://www.suse.com/security/cve/CVE-2018-11362/
https://www.suse.com/security/cve/CVE-2018-14339/
https://www.suse.com/security/cve/CVE-2018-14340/
https://www.suse.com/security/cve/CVE-2018-14341/
https://www.suse.com/security/cve/CVE-2018-14342/
https://www.suse.com/security/cve/CVE-2018-14343/
https://www.suse.com/security/cve/CVE-2018-14344/
https://www.suse.com/security/cve/CVE-2018-14367/
https://www.suse.com/security/cve/CVE-2018-14368/
https://www.suse.com/security/cve/CVE-2018-14369/
https://www.suse.com/security/cve/CVE-2018-14370/
https://www.suse.com/security/cve/CVE-2018-16056/
https://www.suse.com/security/cve/CVE-2018-16057/
https://www.suse.com/security/cve/CVE-2018-16058/
http://www.nessus.org/u?0f8bc7b8
https://www.wireshark.org/docs/relnotes/wireshark-2.4.9.html
Plugin Details
Severity: High
ID: 118294
File Name: suse_SU-2018-2891-2.nasl
Version: 1.4
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 10/22/2018
Updated: 2/4/2022
Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: High
Base Score: 7.8
Temporal Score: 5.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS Score Source: CVE-2018-14368
CVSS v3
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:libwireshark9, p-cpe:/a:novell:suse_linux:libwireshark9-debuginfo, p-cpe:/a:novell:suse_linux:libwiretap7, p-cpe:/a:novell:suse_linux:libwiretap7-debuginfo, p-cpe:/a:novell:suse_linux:libwscodecs1, p-cpe:/a:novell:suse_linux:libwscodecs1-debuginfo, p-cpe:/a:novell:suse_linux:libwsutil8, p-cpe:/a:novell:suse_linux:libwsutil8-debuginfo, p-cpe:/a:novell:suse_linux:wireshark, p-cpe:/a:novell:suse_linux:wireshark-debuginfo, p-cpe:/a:novell:suse_linux:wireshark-debugsource, p-cpe:/a:novell:suse_linux:wireshark-gtk, p-cpe:/a:novell:suse_linux:wireshark-gtk-debuginfo, cpe:/o:novell:suse_linux:12
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 10/18/2018
Vulnerability Publication Date: 5/22/2018
Reference Information
CVE: CVE-2018-11354, CVE-2018-11355, CVE-2018-11356, CVE-2018-11357, CVE-2018-11358, CVE-2018-11359, CVE-2018-11360, CVE-2018-11361, CVE-2018-11362, CVE-2018-14339, CVE-2018-14340, CVE-2018-14341, CVE-2018-14342, CVE-2018-14343, CVE-2018-14344, CVE-2018-14367, CVE-2018-14368, CVE-2018-14369, CVE-2018-14370, CVE-2018-16056, CVE-2018-16057, CVE-2018-16058